Velocity Reviews - Computer Hardware Reviews

Re: Parse a Wireshark pcap file

 
 
Kevin Holleran
      01-23-2013
Thanks, I have been trying to get it to work but I am on Mac OS 10.8.2. I
tried to get it from Macports and download/install it myself. Both seem to
get me to here:

ImportError: No module named dnet

I tried to download libdnet but no matter what I do this is what I get.
Granted I am doing:

from scapy.all import *


But I have no idea what I need. I am not trying to craft packets but
filter packets based on tcp.dstport 80 & frame matches signin.aspx. Then
my goal is to parse the data looking for post vars txtUserId & txtPwd and
extract them, dumping them to the screen as userid_value => password.


Thanks for your help.

--
Kevin Holleran
Master of Science, Computer Information Systems
Grand Valley State University
Master of Business Administration
Western Michigan University
SANS GCFA, SANS GCFE, CCNA, ISA, MCSA, MCDST, MCP

"Do today what others won't, do tomorrow what others can't" - SEALFit

"We are what we repeatedly do. Excellence, then, is not an act, but a
habit." - Aristotle


On Tue, Jan 22, 2013 at 10:03 PM, Dave Angel <(E-Mail Removed)> wrote:

> On 01/22/2013 08:32 PM, Kevin Holleran wrote:
>
>> Is there a way to parse out a wireshark pcap file and extract key value
>> pairs from the data? I am illustrating a sniff of some traffic and why it
>> needs to utilize HTTPS instead of HTTP but I was hoping to run the pcap
>> through a python script and just output some interesting key value
>> pairs....
>>
>>

> Sure. scapy can create and/or parse pcap files.
>
> http://pypi.python.org/pypi/Scapy
>
>
> --
> DaveA
> --
> http://mail.python.org/mailman/listinfo/python-list
>
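
Added example, not part of the original post or thread: the filter described above (TCP destination port 80, request for signin.aspx, form fields txtUserId and txtPwd) done with only the Python standard library, so it does not depend on scapy or dnet. It shows how plainly a login sent over HTTP sits in a capture. Assumptions: a classic pcap file (not pcapng) with Ethernet/IPv4 frames, the whole POST in one TCP segment (no stream reassembly), a form-urlencoded body; the function names are hypothetical and the sample capture, with its credentials and zeroed checksums, is constructed.

```python
import struct
from urllib.parse import parse_qs

def packets(pcap):
    """Yield raw frames from a classic (non-pcapng) pcap byte string."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None:
        raise ValueError("not a classic pcap file")
    off = 24                                   # skip the 24-byte global header
    while off + 16 <= len(pcap):
        caplen = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        yield pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen

def tcp_payload(frame, dport=80):
    """Return the TCP payload of an Ethernet/IPv4 frame sent to dport, else None."""
    if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
        return None                            # not IPv4, or not TCP
    ihl = (frame[14] & 0x0F) * 4               # IP header length in bytes
    total_len = struct.unpack("!H", frame[16:18])[0]
    tcp = frame[14 + ihl:14 + total_len]       # drops any Ethernet padding
    if len(tcp) < 20 or struct.unpack("!H", tcp[2:4])[0] != dport:
        return None
    return tcp[(tcp[12] >> 4) * 4:]            # skip TCP header and options

def cleartext_logins(pcap, path=b"signin.aspx", user="txtUserId", pwd="txtPwd"):
    """Return (userid, password) pairs from form POSTs that fit in one segment."""
    found = []
    for frame in packets(pcap):
        data = tcp_payload(frame) or b""
        if not data.startswith(b"POST ") or path not in data.split(b"\r\n", 1)[0]:
            continue
        form = parse_qs(data.partition(b"\r\n\r\n")[2].decode("latin-1"))
        if user in form and pwd in form:
            found.append((form[user][0], form[pwd][0]))
    return found

def sample_pcap():
    """Constructed capture: one Ethernet/IPv4/TCP frame carrying a fake login POST."""
    http = (b"POST /signin.aspx HTTP/1.1\r\nHost: intranet.example\r\n\r\n"
            b"txtUserId=alice&txtPwd=S3cret%21")
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 1, 5 << 4, 0x18, 8192, 0, 0) + http
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([10, 0, 0, 5]), bytes([10, 0, 0, 9])) + tcp
    frame = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip
    return (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
            + struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame)

if __name__ == "__main__":
    print("\n".join(f"{u} => {p}" for u, p in cleartext_logins(sample_pcap())))
```

For a real capture, pass the file's bytes, e.g. `cleartext_logins(open("capture.pcap", "rb").read())`, where the file name is a placeholder.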


 